Stored Cross-Site Scripting Vulnerability at ShuipfCMS Backend Login

ShuipFCMS is a content management system based on ThinkPHP framework as the core and developed in an independent grouping approach. A stored cross-site scripting vulnerability exists in the ShuipfCMS backend login, which can be exploited by an attacker to remotely obtain an administrator cookie...

How to use a single download to remotely steal proprietary files from MacOS

by Anton Lopanitsyn Wallarm Research Team Imaging a scary scenario: you open a simple html document, and after a little while, your proprietary files unbeknownst to you find their way to somebody else’s hard drive… Documents, source code, SSH keys, passwords…All the files you, the authorized user...

Profense Web Application Firewall 2.6.2 XSRF/XSS Vulnerabilities

No description provided by source. Written By Michael Brooks Special thanks to str0ke! Affects: Profense Web Application Firewall XSRF and XSS Version: 2.6.2 download http://www.armorlogic.com/downloadsoftware.html "Defenses against all OWASP Top Ten vulnerabilities" Too bad it doesn't defend its...

CVE-2002-2013

Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character %00 followed by the target domain...